The Blowfish algorithm used to protect the username and password
requires many computations. To achieve the best possible speed, the
PHP's mcrypt extension and its accompanying library must be installed
on our web server. Otherwise, phpMyAdmin relies on an internally coded
algorithm, which works but causes delays of several seconds on almost
every operation done from phpMyAdmin! This is because the username
and password information must be decoded on every mouse click to be
able to connect to MySQL.
Signon
Since version 2.10, the signon mode enables us to use the credentials from
another application to authenticate to MySQL. Some applications have their own
authentication mechanism, so it's convenient to be able to use this fact to avoid
another cumbersome login panel. In order for this to work, this other application
has to store the proper credentials into PHP's session data to be retrieved later by
phpMyAdmin.
To enable this mode, we start with this directive:
$cfg['Servers'][$i]['auth_type'] = 'signon';
Let's suppose that the authenticating application has used a session named FirstApp
to store the credentials. We tell phpMyAdmin this fact:
$cfg['Servers'][$i] ['SignonSession'] = 'FirstApp';
Chapter 2
[ 37 ]
We must take care of users that would try to access phpMyAdmin before the other
application; in this case, phpMyAdmin will redirect users to the authenticating
application.
Pages:
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62